...
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="94a62dc30a3eed68-056c2534-45fe4c12-952b837b-700dedef64837bd31d32df19"><ac:plain-text-body><![CDATA[ | [[API 2006 | AA. Bibliography#API 06]] | [method doPrivileged() | http://java.sun.com/javase/6/docs/api/java/security/AccessController.html#doPrivileged(java.security.PrivilegedAction)] | ]]></ac:plain-text-body></ac:structured-macro> |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="46e6f3c74d79ef3d-022abd1a-484d4e2e-8ddca25a-89d30db780fe86213e528153"><ac:plain-text-body><![CDATA[ | [[Gong 2003 | AA. Bibliography#Gong 03]] | Sections 6.4, "AccessController" | ]]></ac:plain-text-body></ac:structured-macro> | |
| 9.5 "Privileged Code" | ||||
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="a13523b7355ec8d5-e3d9b26c-40c94ff0-add2a51f-4dab00046417da3653a3e0f4"><ac:plain-text-body><![CDATA[ | [[Jovanovic 2006 | AA. Bibliography#Jovanovic 06]] | "Pixy: A Static Analysis Tool for Detecting Web Application Vulnerabilities" | ]]></ac:plain-text-body></ac:structured-macro> |
...
SEC00-J. Do not allow doPrivileged() blocks to leak sensitive information outside a trust boundary 14. Platform Security (SEC) SEC04SEC02-J. Do not load trusted classes after allowing untrusted code to load arbitrary classesRemove superfluous code from privileged blocks